Download Article (PDF)

Advances in Economics, Business and Management Research, volume 90 International Scientific-Practical Conference on Business Cooperation (ISPCBS 2019) Methodical and practical aspects of the analysis of the state and development of risk management systems for international corporations

Rykhtikova Natalia Faculty of Economics and Management Moscow regional branch of Russian Presidential Academy of National Economy and Public Administration, Krasnogorsk branch of RANEPA Krasnogorsk, Russian Federation nar.prof@yandex.ru

Abstract—In this article, the essence and main main areas of study of risk management systems of modern characteristics of the category “risk management system of an corporations are the following: formation principles [3], [4], organization” are described. It is proposed to consider five elements of risk culture, such as identification, assessment, levels of risk management system development (the third, the prioritization, and others [3], [4], [5], [6], risk management as fourth and the fifth levels are typical for international a basis for ensuring economic security [2], [3]. But it should corporations). We present the results of the risk management be noted that the complexity and mutual influence of systems analysis for international corporations, namely: processes and procedures of risk management requires the RusHydro, NLMK, Severstal, Gazprom Neft, Metalloinvest, use of a systematic approach that allows taking into account Philips, Nestlé, Unilever, and others. Criteria for comparative all the factors and elements that influence the productivity characteristics of systems implementation experience are the and efficiency of the RMS. The purpose of this research is to following: the role in the organization management, basic standards, risk coverage, features of risk assessment and determine the parameters, levels and directions of the RMS management, frequency and content of improvement measures, development of modern organizations. etc. Based on the study results, the main directions of II. METHODS development of risk management systems are considered. The following methods were used in the study: Keywords—risk management system, types of risks, risk situational, factor analysis, object-oriented modeling of the management. situation. So, to determine the methodological aspects of the RMS analysis, at first it is necessary to consider the essence I. INTRODUCTION of this economic definition based on the situational analysis. The high level of uncertainty and buoyancy of external Currently, there are three options for the definition of the environment are the main characteristics of the modern RMS proposed by the organizations. In the first case, the economic reality of international corporations. This drives RMS is considered as a combination of individual elements the increase in the degree of negative risk impacts, which, such as the organizational structure, procedures, control and among the other things, include: risks of violation/non- management, and others (RusHydro, FGC UES, etc.). In fulfillment of contractual obligations, business practice, the second option is more widespread, in which the transformation, reduction in demand for products, decreasing RMS is a combination of methodology, methods, procedures, the organization competitiveness, climate change, lack of business processes, participants and individual functions, resources, etc. Significant amounts of financial and other policies, tools and activities aimed at effective risk types of resources, large scale activities, wide range of the management of an organization (Aeroflot, Tatneft, Russian territorial and sectorial development directions of Railways, etc.). The third option is common for foreign international companies determine the existence of risks of companies, while the operation of the RMS is primarily critical and global impact, and as a result, the likelihood of associated with the formation of a certain risk management significant losses [4, p. 2]. Therefore, for several decades, culture within the organization (Coca-Cola HBC AG, risk management is one of the key functions of the Volkswagen AG, BASF SE, Johnson & Johnson and others). international corporation management. It is proposed to take into account the existing definitions of the concept and consider the RMS as a set of individual Despite the fact that the implementation of risk elements and subsystems necessary for the implementation of management systems (RMS) in modern corporations is risk management processes and procedures in order to create carried out on the basis of generally accepted international a risk management culture and ensure the effectiveness of the standards (FERMA, ERM COSO, etc.), in practice there is organization activities, including that by overcoming the no uniform, universal risk management system template and economic growth barriers. To determine the level of the each of the organizations applies its own variant. Among the RMS development, it is recommended to consider the The present study was conducted with support from the Yugra State following parameters of the risk culture of the organization: University (Khanty-Mansiysk Town, Russia) and Khanty-Mansiysk Town Administration (a municipal entity of Khanty-Mansi Autonomous District – the role and place of the RMS in the structure of the Yugra urban district Khanty-Mansiysk Town). organization management; basic standards of the RMS; the

Copyright © 2019, the Authors. Published by Atlantis Press. This is an open access article under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/). 554 number and qualification of personnel implementing the systems operating within generally accepted international functions of the RMS; information security, level of the RMS standards were selected for the study. Thus, risk management automation; methods of risk assessment and minimization systems were considered for the following companies: used in the RMS; improvement, cyclical development and RusHydro, NLMK Group, Gazprom Neft, Metalloinvest, evaluation of the RMS efficiency. The selection of the RMS Lukoil, NK Rosneft, Severstal, Tatneft Group, Philips, characteristics was carried out taking into account the Nestlé, Unilever, Coca-Cola. The study was conducted on the possibility of applying the project approach, which implies basis of official data and reports of organizations [1], [7], [8], the need to assess the resources and capabilities, timing and [9], [10], [11], [12], [13], [14], [15], [16], [18]. According to quality of the management processes. the results of the study, the following conclusions were made: the activities of companies such as Nestlé and PJSC III. FINDINGS Gazpromneft can be attributed to the third level of the RMS; The study allowed us to identify five levels of the RMS the fourth level corresponds to the RMS of RusHydro, development, the characteristics of which are presented in NLMK Group, Lukoil, Tatneft Group, Philips, Coca-Cola. Table 1. Corporate international companies with a high level The fifth level of the RMS is characteristic for Metalloinvest, of organization of business processes and risk management NK Rosneft, Severstal, Unilever.

TABLE I. GENERAL DESCRIPTION OF THE LEVELS OF FORMATION OF RISK MANAGEMENT SYSTEMS OF THE ORGANIZATION Parameters of RMS formation RMS in the The presence and Compliance of The level of Revealing of The used risk Assessment of organization appearance of the personnel RMS information problems within assessment and efficiency and management basic RMS qualifications support the list of risks management improvement of

RMS level RMS standard with RMS methods RMS functions 1st There is no Risk Standards are not Staff There are no Risks are taken Risk assessment No measures are Management applied qualification specialized forms into account and risk implemented Division does not comply for reporting formally when management with RMS making methods are not decisions applied formally 2nd Employee (s) Selected Specialists with Separate forms of Only key risks Express - risk Evaluation of responsible for provisions of specialized management are considered assessment. overall risk management standards and economic accounting and Insurance, performance internal education reporting outsourcing, etc. indicators: regulations are used profitability, NPV, IRR, DPP, etc. 3rd Structural unit FERMA standard, Specialists with Specialized form The spectrum of Separate methods The possibility of within one of the ERM COSO, etc. specialized of reporting risks without in accordance reducing losses departments Internal education, justification the with the standards and individual documents, increased factors and measures is regulations, etc. qualification, causes, the determined etc. degree of impact 4th Independent Full compliance Specialists with Risk The spectrum of Methods within It is carried out structural unit, with FERMA, a specialized management risks with risk management systematically for but not in the ERM COSO, ISO education or reports with justification of standards are individual framework of the and internal having a justification of individual applied business processes highest level of regulations certificate results elements of risk within standards management culture 5th Separate The company’s Certified risk Reports with The range of Standardized and Systematically division, own risk management substantiation of risks, taking into the company’s based on business functioning management professionals in results and account the own developed process along with other standard is used organizational description of factors, causes, risk assessment monitoring basic structures together with units promising extent and and management procedures using international directions for the measures to methodologies are specialized standards development of reduce the applied methodology and RMS based on negative impact indicators calculations Consider the features of the RMS arrangement for implementation of risk management processes at Philips are individual companies. For example, since 2010, risk considered by the Executive Committee, which oversees the management for the NMLK Group is carried out activities of the company's main business groups. At Nestle, independently within the framework of such activities as the Executive Board oversees risk management, among other auditing and controlling all employees of the Group at issues. The risk management group at Nestle provides different stages of risky business processes. PJSC Gazprom assistance to all corporate divisions in determining the Neft also considers risk management as part of the highest possible level of exposure to risk, which is usually set implementation of internal audit procedures when once a year. In this case, as a rule, one considers the risks that implementing the internal control policy. This company is require the implementation of individual measures, including also characterized by the constant development of a insurance. At Coca Cola, the focus is made on studying four methodological base for risk assessment. Issues related to the groups of risks from external impacts: the adequacy and

555 quality of water resources, global warming, the need for 2. Development of the main elements of risk culture on recycling plastic waste, and accounting for changing the basis of increasing the degree of integration of the RMS consumer demands. The presence of risks is confirmed by an in the activities of the organization as a whole. objective justification. 3. Increasing the level of unification of the RMS in the We should note the high level of the RMS development framework of individual areas of activity. at Severstal, which takes into account the main 9 types of risks affecting all stages of the production cycle. The main 4. Changing the structure and parameters for determining participants of the RMS are the Board of Directors, the Risk priority risks associated with a significant environmental Management Committee, the Risk Management and Internal impact. Control Service, the owners of risks. At each meeting of the 5. Development of typical models of risk assessment and Board of Directors, a risk analysis is conducted and decisions management, which, in turn, may affect the determination of are made to reduce their negative impact. Within the potential effectiveness, not only of the RMS, but of the framework of an objectively reasonable risk system, the organization as a whole. relative degree and potential speed of the influence of risks, the nature, changes during the year, and measures to REFERENCES eliminate them are determined. For example, in order to [1] Board of Directors [Electronic resource]: Corporate Governance reduce the negative impact of cyber risks, the company has Report 2018/ - access mode: developed a system of specialized training of employees. https://www.nestle.com/assetlibrary/documents/library/documents/cor Based on the results of the assessment, the Board of porate_governance/corp-governance-report-2018-en.pdf. Screen Title. Appeal date: 04/20/2019. Directors of the enterprise forms a statement on the business [2] Evan Mheeler, Security Risk Management. Building an information sustainability. Security Risk Management. Program from the Ground Up. Syngress. Uniliver applies an objectively sound risk management – 2011. – 339 p. system, which not only identifies all types of risks in the [3] Kurt J. Engemann, Douglas M. Henderson, Business Continuity and Risk Management: Essentials of Organizational Resilience. Essentials direction of their impact, provides data on the results of their of Organizational Resilience. 2012. – 370 p. monitoring and focuses on measures to reduce their negative [4] Natalia Rykhtikova, Main directions of the development of the risk impact, including through the use of scenario modeling of the management system in corporations// MATEC Web of Conferences situation. Moreover, risk management procedures are 212, 07012 (2018) integrated into all business processes and are considered at [5] Norman Marks, World- Class Risk Management. CPA, CRMA. – three levels: ie short-term risks – for a period of up to two 2015. – 234 p. years; ie medium-term risks – for a period of from three to [6] Philip E. J. Green, Enterprise Risk Management. A Common five years; ie beyond five years – for a period of five years or Framework for the Entire Organization. Imprint: Butterworth- more. As a rule, a detailed analysis is presented on the 16 Heinemann. 2015. – 260 p. types of risks. For each of the presented types of risks [7] Priority Issues: Risks & Opportunities [Electronic resource]: 2018 Business & Sustainability Report/ - access mode: (business transformation, preservation of product quality, https://www.cocacolacompany.com/content/dam/journey/us/en/privat ethical, dependence on information systems, customer e/fileassets/pdf/2019/Coca-Cola-Business-and-Sustainability- opinions, loss of personnel, etc.), the causes, factors of Report.pdf. Screen Title. Appeal date: 04/20/2019. occurrence and measures used to minimize the risk are [8] Risk management [Electronic resource]: Annual Report 2018. Fillips/ considered in detail. That is, the risk management system is - - access mode: formed in accordance with the established requirements. https://www.results.philips.com/publications/ar18#/downloads. Screen Title. Appeal date: 04/20/2019. IV. CONCLUSION [9] Risk management [Electronic resource]: Annual Report 2018. Severstal/ - access mode: Under the conditions of the existing economic reality, https://www.severstal.com/files/23850/Annual_report_2018_RUS.pdf risk management systems are an absolutely dynamic . - Screen Title. Appeal date: 04/25/2019. mechanism ensuring the development of economic entities. [10] Risk management [Electronic resource]: Audit and control. - Access The uniqueness of the results of the presented research lies in mode: https://www.nlmk.com/en/about/governance/audit-internal- control/. - Title from the screen. Appeal date: 04/20/2019. the fact that, based on a study of existing practice and [11] Risk management [Electronic resource]: Tatneft. - Access mode: - experience of international corporations, unified parameters http://tatneft.ru/korporativnoe-upravlenie/upravlenie- and criteria for the development of the risk management riskami/?lang=ru.pdf. -The title from the screen. Appeal date: system of modern organizations are established, which can 04/20/2019. be used not only to analyze the current RMS, but also to [12] Risk management and internal control [Electronic resource]: determine the directions of its development. So, among the Corporate Governance - access mode: most important directions of the RMS development of the https://www.rosneft.ru/governance/Upravlenie_riskami_i_vnutrennij_ modern organizations are the following: kontrol/ - Screen Title. Appeal date: 04/25/2019. [13] Risk management and internal control [Electronic resource]: 1. Increasing the level of mastering of certain parameters Sustainable development. - Access mode: that are not sufficiently developed within the framework of a http://www.rushydro.ru/sustainable_development/risk. - Title from the specific RMS. For example, in the case of insufficient screen. Appeal date: 04/20/2019. [14] Risk management system [Electronic resource]: Annual report. 2017. qualifications of employees, the possibility of organizing - Access mode: https://www.gazprom-neft.ru/company/management// their training in risk assessment and risk management - Zagl. from the screen. Appeal date: 04/20/2019. methods may be considered, or if the spectrum of all types of [15] Risks [Electronic resource]: Annex to the annual report. 2018. Lukoil. risks is not fully studied, the prospects for expanding their - Access Mode: list and applying new methods, indicators and evaluation http://www.lukoil.ru/InvestorAndShareholderCenter/ReportsAndPres criteria are determined.

556 entations/AnnualReports - Title. from the screen. Appeal date: 04/20/2019. [16] Risks [Electronic resource]: UNILEVER ANNUAL REPORT AND ACCOUNTS 2018/ - access mode:.https://www.unilever.com/Images/unilever-annual-report-and- accounts-2018_tcm244-534881_en/. [17] Rykhtikova, N. A. Organization risk analysis and management: study guide. - M: Forum, 2015. - 240 p. [18] The system of internal control and audit [Electronic resource]: Investors. - Access mode: http://www.metalloinvest.com/investors/leadership/sistema- vnutrennego-kontrolya-i-audita/index.php?sphrase_id=170619.

557